package com.gr.springboot_shiro.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("order")
public class OrderControlller {

    @RequestMapping("save")
    //@RequiresRoles(value = {"admin","user"})
    //@RequiresPermissions("update:user:*")
    public String save() {

        Subject subject = SecurityUtils.getSubject();
        if (subject.hasRole("admin")) {
            System.out.println("有权访问");
        } else {
            System.out.println("无权访问");
        }

        return "redirect:/index.jsp";
    }
}
